Utilize keytool programmatically in a Java servlet to create a certificate/keypair

We need to create an HTTP service that can create and return a certificate signed by a trusted parent certificate. Our initial plan was to use keytool in the bin directory of our JDK in a Servlet using Runtime.exec, but it seems the keytool commands require answers to prompts on the command line.

For example: keytool -genkey -alias mydomain -keyalg RSA -keystore keystore.jks -keysize 2048 asks a number of questions on the command line.

Our next idea was to use java.security.KeyStore, but I don't see a way to export and persist the store; we will want to keep all our certificates in a JKS file. If the web container goes down we definitely need to be able to keep all the PKI artifacts.

Since this was one of the top results in Google and I did eventually figure it out, here's the answer.

$ java -version
java version "1.7.0_11"
$ keytool -genkey -keysize 2048 \
  -alias tomcat \
  -keyalg RSA \
  -dname "CN=example.com,OU=MyOrgUnit,O=MyOrg,L=Somewhere,S=State,C=US" \
  -storepass Secret -keypass Secret \
  -keystore keystore.jks

Hope this helps others.
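The non-interactive keytool call above, driven from Java and followed by loading and re-saving the JKS file with java.security.KeyStore, as an added example that is not part of the original answers. It covers only the key pair and keystore step, not signing by a parent certificate. The class name, the KS_PASS variable name and the temporary path are assumptions, and the password is a constructed sample. The password is passed through keytool's ":env" modifier so it does not appear in the process argument list.

```java
import java.io.*;
import java.nio.file.*;
import java.security.KeyStore;
import java.security.cert.X509Certificate;

public class KeytoolServiceExample {
    // Runs keytool with every answer supplied as an option, so nothing is prompted for.
    // The password is handed over in the child's environment (":env" modifier), not in argv.
    static void generateKeyPair(Path jks, String alias, String dname, char[] pass)
            throws IOException, InterruptedException {
        String keytool = Paths.get(System.getProperty("java.home"), "bin", "keytool").toString();
        // Arguments go to the process as a list (no shell), so alias/dname are never re-parsed.
        ProcessBuilder pb = new ProcessBuilder(keytool, "-genkeypair", // current name of -genkey
                "-alias", alias, "-keyalg", "RSA", "-keysize", "2048", "-dname", dname,
                "-storetype", "JKS", "-keystore", jks.toString(),
                "-storepass:env", "KS_PASS", "-keypass:env", "KS_PASS");
        pb.environment().put("KS_PASS", new String(pass)); // KS_PASS is a name chosen here
        pb.redirectErrorStream(true);
        Process p = pb.start();
        p.getOutputStream().close(); // an unexpected prompt sees end-of-input instead of hanging
        StringBuilder out = new StringBuilder();
        try (BufferedReader r = new BufferedReader(new InputStreamReader(p.getInputStream()))) {
            for (String line; (line = r.readLine()) != null; ) out.append(line).append('\n');
        }
        if (p.waitFor() != 0) throw new IOException("keytool failed:\n" + out);
    }

    static KeyStore load(Path jks, char[] pass) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(jks)) { ks.load(in, pass); }
        return ks;
    }

    // KeyStore.store writes the whole store back to disk, so it survives a container restart.
    static void save(KeyStore ks, Path jks, char[] pass) throws Exception {
        try (OutputStream os = Files.newOutputStream(jks)) { ks.store(os, pass); }
    }

    public static void main(String[] args) throws Exception {
        char[] pass = "Secret".toCharArray(); // constructed sample value
        Path jks = Files.createTempDirectory("pki").resolve("keystore.jks");
        generateKeyPair(jks, "tomcat",
                "CN=example.com,OU=MyOrgUnit,O=MyOrg,L=Somewhere,ST=State,C=US", pass);
        KeyStore ks = load(jks, pass);
        X509Certificate cert = (X509Certificate) ks.getCertificate("tomcat");
        System.out.println(cert.getSubjectX500Principal() + " valid until " + cert.getNotAfter());
        save(ks, jks, pass); // after adding or replacing entries, persist the store again
    }
}
```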

Try Portecle. If the GUI can't do it, then simply extract the information from the source.
